In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing obfuscation mechanism due to the way sensitive data is handled. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-190724551
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2021-08-01 | Vendor Advisory |
Configurations
Information
Published : 2021-08-17 12:15
Updated : 2021-08-24 09:54
NVD link : CVE-2021-0639
Mitre link : CVE-2021-0639
JSON object : View
CWE
CWE-922
Insecure Storage of Sensitive Information
Products Affected
- android